Cyber companies, including us, tend to use these two terms interchangeably. But it’s crucial to your business to know what exactly the difference is and how to protect your company against both types of cyberattacks.

Cyberattacks were up in 2019—32% of organizations reported more attacks than in the previous year, according to cybersecurity firm Herjavec. Those stats are only rising from here on out. These breaches and hacks target not only small businesses, but also some of the largest tech and media companies in the world.

With an expanding remote workforce, the number of attacks has skyrocketed, not to mention the growing number of places online where you share sensitive information.

Though “data breaches” and “hacks” are often used interchangeably, the two terms have distinct meanings. Here we will break down both kinds of attacks and their financial impacts on small to medium businesses so you can stay ahead of the game.


Hacks vs. data breaches

A hack is an intentional attack to gain unauthorized access to a device, server, or another protected IT resource. The purpose of a hack is to compromise the system’s availability, integrity, or confidentiality.

The attackers’ most common tools are stolen or brute-forced credentials, vulnerability exploits, and backdoors. Carried out by a single person or an organized group, hacks can be as simple as a social media account takeover or as complex as a targeted attack on a supply chain.


A data breach is a security incident that results in the confirmed disclosure of sensitive data, such as personally identifiable information (PII), login credentials, or intellectual property, to an unauthorized party who uses it maliciously. A data breach can be the result of a hack, another type of attack such as malware, or an error such as unintentionally leaving data in an unsecured environment.


Aside from financial costs, there is much more at stake for businesses after a cyberattack, including their reputation. Here are 5 ways companies may be impacted:

  1. Financial costs: These costs include anything from incident response, remediation, and breach notifications to regulatory fines and civil lawsuits.
  2. Revenue or opportunity loss: Making up a large portion of indirect outcomes, these hidden costs include productivity losses and missed sales.
  3. IT systems downtime and business interruption: Ransomware and other attacks that take IT systems offline can affect both employees and customers. Some businesses report downtimes as long as 18 hours.
  4. Damage to brand reputation and loss of trust: Rebuilding trust with your customers can take years. Breaches, hacks, and downtime all affect a brand’s reputation with its customers.
  5. Intellectual property theft: Hacking intelligence is especially prevalent in industries such as manufacturing and life sciences.